SOUTHAMPTON, Bermuda — Companies are increasingly recognizing the threats cyber risks pose to their organizations, and while few have moved to cover that risk in their captives yet, the number should increase in coming years, two captive experts said Tuesday.

Speaking at the 2014 Bermuda Captive Conference on a panel examining captive trends, Robert Geraghty, vice president and head of business development at Marsh IAS Management Services Bermuda Ltd. in Hamilton, Bermuda, said that while Marsh’s “2014 Captive Benchmarking Report” showed only 17 captives covering cyber risks of 1,148 it examined, “it’s 17 more than we had three years ago.”

“I think we will see more writing it going forward,” Mr. Geraghty said. “But I think we have to understand it more. I think you have to understand the risk and how it’s going to affect your company.”

Another panelist, Peter Mullen, CEO of captive and insurance management at Aon Global Risk Consulting in Pembroke, Bermuda, said that an Aon survey of captive directors released earlier this year showed 7% expecting to add cyber coverage to the lines already written in their captives over the next five years.

“We’ve got about a dozen companies writing cyber right now,” Mr. Mullen said. “Lots of people are talking about it. But we still haven’t really seen captives step up and do something innovative and different.”

Cyber risk remains difficult to quantify, Mr. Mullen said.

“Those that are writing cyber in captives are following what the market is doing” rather than using their captives to fill gaps in the cyber coverages available in the traditional market, he said.

Mr. Geraghty said he expects to see companies initially using their captives to fund the deductibles in their traditional market cyber policies, then eventually placing more cyber risk in the captive as they better understand the exposure.